Click for Full Transcript

Intro  0:01  

Welcome to the She Said Privacy/He Said Security Podcast. Like any good marriage we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.

Jodi Daniels  0:22  

Hi, Jodi Daniels here I’m the founder and CEO of Red Clover Advisors, a certified women’s privacy consultancy. I’m a privacy consultant and certified informational privacy professional providing practical privacy advice to overwhelmed companies. Hi,

Justin Daniels  0:37  

Justin Daniels. Here I am passionate about helping companies solve complex cyber and privacy challenges during the lifecycle of their business. I am the cyber quarterback helping clients design and implement cyber plans as well as help them manage and recover from data breaches.

Jodi Daniels  0:53  

And this episode is brought to you by Red Clover Advisors, we help companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields, including technology, ecommerce, professional services, and digital media. In short, we use data privacy to transform the way companies do business. Together, we’re creating a future where there is greater trust between companies and consumers. To learn more, and to check out our best selling new book, Data Reimagined: Building Trust One Byte at a Time, visit I am in a very silly, giddy mood. Watch out

Justin Daniels  1:37  

what you wouldn’t we were inhaling something this morning, my

Jodi Daniels  1:40  

feet, the construction that is going on and the the air purifiers going a little crazy. Maybe it’s something in the air where it’s I’m really hungry,

Justin Daniels  1:51  

then this could be a really entertaining episode.

Jodi Daniels  1:53  

I know. And it’s going to be because we have a really awesome guest and friend Mike Gustafson, who is the president of Search Discovery. And Search Discovery is a data transformation company that believes great things happen when companies use their data with purpose to drive measurable business impact, which I love. So Mike, I’m so excited that you are here.

Mike Gustafson  2:17  

And let’s get started. I’m excited to be here. Thanks for having me.

Justin Daniels  2:21  

How excited? Are you so giddy?

Mike Gustafson  2:24  

I like giddiness. It’s putting me at ease. So it’s great.

Jodi Daniels  2:28  

Good. We want this to just be you know, like a coffee conversation. And if we knew how to bring podcast equipment, we could have met up coffee shop. And did you’re actually here and local. You should

Justin Daniels  2:38  

have seen her yesterday lecturing at the School of Law at Georgia State. And I had to tell the audience, you may not think that she’s a lawyer because she doesn’t have a law degree. But boy, if you have to debate quarrel, or disagree with their look out,

Jodi Daniels  2:57  

that’s fine. All right, take us off. Okay. Well,

Justin Daniels  3:03  

why don’t we get started by telling us about how you got to where you are today.

Mike Gustafson  3:12  

I mean, I my I got my start in software development. So my background is as a computer science, major economics. Work for some startups work for nonprofits got was very fortunate to find a role at a pretty fast-growing web development shop pretty early in my career, and was given lots of opportunities by a lot of great people. I was with that company for almost 13 years. And we grew from 40 people to almost 1,500 people that I really ended in a role of leading technology teams, I realized pretty early on, I was less good at building the stuff and more helpful at creating opportunities for people who are good at building the stuff. And so I found myself more in leadership roles of technical teams. And our team was, you know, building everything from e-commerce sites to, you know, mobile applications. And then was fortunate to me, the founder of Search Discovery of about nine, almost 10 years ago now, right after we had exited. After Search Discovery had exited a product to Adobe, in the analytics space, a tag management platform called satellite. So I joined right after that to really help us take advantage of the opportunities. And so that was really fun to go from having been part of something really big and fast-growing lots of acquisitions to come back to something pretty small, and kind of helped shape it a little bit more firsthand way the future of the business. And so we grew really as a focusing on analytics, moving into business intelligence, and then you know, our vision has really evolved to be kind of end to end services. Helping companies think about how to use data in a purposeful way that drives the outcomes they’re actually hoping for. And so certainly, as we’ve done that we’ve spent a lot of time thinking about and talking about privacy and other many implementations of that. So a little bit about how I got here.

Jodi Daniels  5:18  

Mike, before we dive into some of the privacy conversations, can you share an example of what that end to end data transformation might look like for our client?

Mike Gustafson  5:30  

Sure, I think a lot of times customers get too focused on just one part of the broader data and analytics ecosystem. So it’s, you know, in the past 10 years, a lot of that, then let’s just collect all the data as much of it as we can, without regard to how we’re going to use it, or how we’re going to manage our government, or they focused on, let’s just do lots of analysis, our views, you really have to think about four things in the whole lifecycle. You have to have a plan, you need a strategy, what are my objectives? And how is data going to help enable and power the organization to achieve those, then you have to really think about the collection aspect? How do I collect the right data, in the right way? handle all the issues that will you know, we’re gonna get into some of those about thinking about privacy, and why do I have it? And how do I govern and manage that? And then it’s about how do I use it. And it’s not just, you know, a lot of times, it’s just thinking backwards, it’s measuring historical performance. And so it’s really helping customers think about how to use it in a more forward thinking way, driving, hypothesis driven testing and learning programs. And then last is really activating that we go through all this work, you get all the data, you measure everything. For us, the ultimate goal is how do you activate that to drive better customer experiences better personalization, provide greater insights to your customers, or the people in your business who are making decisions. And so kind of wrapping all of that is that, you know, governance and privacy, but we really have worked hard to build out a model and capabilities to help customers, make sure they’re thinking about all four of those aspects. Why am I doing it? Do I have the right data? Am I using it and teaching people how to use it responsibly and thoughtfully? And then how do I actually make that work inside of the company?

Jodi Daniels  7:22  

One of the reasons I was so excited to have this episode today is I’m not bashful to say that the intersection of marketing and privacy is my favorite part. And marketing has really been at the forefront now that for a number of years, it was marketers weren’t always welcoming to the privacy universe, and whether they like it or not, now they’re here. And it’s really been a key part of what regulators are focusing on what many of the laws are focusing on. And you’re talking to a lot of different clients as part of the transformation journey you just shared? What are you hearing from them as their biggest challenges and trying to do some of their activities in a privacy friendly way and comply with these

Mike Gustafson  8:05  

laws. I’ve just two big challenges. And then maybe a third, we can talk about specific health care. But I think, in general, people are struggling to get proactive, there’s not tons of budgets or money allocated the privacy programs just yet. So you have a lot of small teams, or it’s thrown onto the responsibility of existing data and analytics teams, or just to a legal team, those often lack of clarity of who’s even really responsible for thinking through this. And so a lot of people, a lot of the companies we talk to are still in this wait and see type of mindset, they’re waiting until something terrible happens or see if something happens in their particular niche industry or a competitor of theirs. And we think that’s a kind of dangerous approach for them. We also see, I think that’s related to why we see enforcement ramping up because they’re a little bit tired of people proactively engaging and complying with these laws. And so, you know, that’s why I think you see so much happening with, you know, California funding an entire enforcement arm, and, you know, Europe doing these regular checks on GDPR cases. And so I you know, optimistically that will help companies focus more on it, get more budget, so people can be proactive, because we think that’s what’s really important is having a proactive strategy, starting at the very beginning of, hey, here’s the data I already have is, you know, thinking about it from a zero party strategy and then let’s layer in but do it in a very thoughtful way. And I think a lot of companies, it’s hard to go back to that and kind of start over. So that’s one is I just think they’re having a difficult time being proactive. Part of that, I think is around the data collection piece. It’s really difficult and vendors aren’t making it particularly easy for Are most marketing teams to understand the interplay of even if I do, if I have all this stuff working on my consent platform, it doesn’t necessarily pass down to how the tags are firing on my particular analytics tool. And the interplay between vendors tools is really complicated. And we see a lot of people struggling to understand that. And it’s causing a lot of challenges for them of, you know, being on either being, not collecting enough data or important data that they could in a responsible way, or just collecting stuff that they shouldn’t be, which is, you know, we’ll talk about that more later. A great example of that is just consent mode. In Google Analytics, people don’t really understand what it’s actually doing, or how it’s working, or how it interplays with your consent management platform. And so that’s we see that is that’s a constant conversation of helping people think through that relative to their specific needs and their customers. So those are the two big challenges, just being proactive, and then understanding the interplay of the different vendors and what it really looks like. And then in healthcare, we see kind of a different behavior, people are being almost a little rash in their response to things. Recently, there was a HIPAA bulletin about Google Analytics, in particular, not being HIPAA compliant. And so like we saw all these customers just shut all tracking off. So now all of a sudden, these marketing teams had no data whatsoever about what was happening, and they didn’t really have a good plan of you know, what they were going to do. So we think you need to be somewhere in between that proactive, certainly cautious and thoughtful, but maybe overreacting.

Jodi Daniels  11:38  

And that Google Analytics healthcare example, for the people who didn’t just set it off, or maybe those who set it off, are they starting to move a little bit towards the middle? Is there anything that you can share about where that middle ground is?

Mike Gustafson  11:55  

Yeah, I mean, it varies. I mean, reality is Google Analytics isn’t HIPAA-compliant, it’s a tool that’s very pervasive, you know, amongst hospitals, in particular, it’s a great example, because that’s where there’s been some challenges about, about that tool. And so there they are. Some of them have turned it back on. But in more limited fashions and try to be very thoughtful or use consent mode where and try to anonymize as much as they can. Others are looking for HIPAA-compliant tools. But there’s not a lot of great digital analytics tools that are fully HIPAA compliant. And so I think what we’re trying to help some people navigate is how to use some of those tools, but send the data other places like to, you know, your own data warehouse or own data storage on a system that is HIPAA compliant, right, because a lot of it has to do with where the data is actually resting and being stored. And so I think people are looking at hybrid solutions. So it’s a mix, depending on the risk tolerance of particular hospital, or the size or magnitude of the marketing teams, and their specific goals, you know, in this particular fiscal year. So we’ll see, I think it’s going to be really interesting to see what happens, because even the bulletin is not like it’s not a legally binding thing and saying, it’s not illegal for them to do this or that there’s fines, it’s just a word of caution. And so, I think, rightfully so healthcare companies are trying really hard to be protective of that data. But I don’t think there’s a singular clear answer that’s emerged yet. I think it’s been very situational.

Jodi Daniels  13:31  

I might have to come back and do a whole healthcare episode, because I think there’s so much that we could we could cover there.

Mike Gustafson  13:37  

Well, I’ll move on. So many topics. So the Search Discovery, or even the pharmaceutical side to just sorry, Justin, like looking at kind of the broader Life Sciences world, I think there’s some really interesting and unique challenges that they face. Oh, no, no problem.

Justin Daniels  13:44  

So Search Discovery recently conducted a survey of nearly 300 companies in their CCA compliance. Can you tell us how you did that? And what are some of the interesting findings that would be of interest to our audience?

Mike Gustafson  14:15  

Yeah, we the team was really interested to see with the updates coming in the California Privacy Rights Act and the Virginia Consumer Data Protection Act like were people making changes, could we see a difference? So we did a big survey of about 300 companies across the bunch of industries who all had likely customers in those audiences and looked at what they had in December. And then, you know, did they make changes going into January? And then it really just gave us a view of like, back to what we were saying before, how proactive are people being? How compliant? Are they with these rules? You know, and what are the risks and really, how could we provide some insights or guidance to people generally, to make sure that they We’re not putting their business at risk, but also just missing the opportunity that I think implementing some of these requirements provide in how they communicate and engage with their customers. So we looked at really six categories. We looked at disclosure, Banner user experience, functionality of the banners, global privacy, control, compliance, actual policy updates, that they add the right things into their privacy policies. And then we looked at opt out linkage. And so, you know, we had our team go through, we looked at all those companies, and found some pretty disappointing, I guess, I don’t know, I’m not sure if disappointed, surprising results. I mean, there’s, it’s clear, there’s still incredible opportunity for people to work on their compliance, there’s a lot of people across all those things were out of compliance, less than half of companies had any sort of consent management, capability, feature platform, anything of those 300 sites, which is pretty surprising, actually, at this stage of where we’re at with all these things. And then when you get into looking at things like looking at the specific checkpoints, from the text, around banner, user experience or banner functionality, I mean, in general, it was less than 30% of people were compliant with the new regulations are the directions of where regulations were going. Which is, which is pretty shocking, particularly when you look at banner functionality. And this is the place where we see people have all sorts of problems, it gets back to what we were talking about before, the technology, and what the vendors are doing is confusing, and can be a little bit convoluted. And so we saw lots of people where even if I didn’t consent, I, you would still see lots of people firing tags and measuring behavior afterwards. Same is true with global privacy control, when that signal is coming from the browser, actually, 93% of companies did not properly detect that and take appropriate action on stopping data collection, you know, afterwards. So that was pretty surprising. Same kind of thing. And in privacy policy, language and opt out language, it was, you know, roughly 25% of those 300 companies were in line with what the policies, you know, either in Virginia or California, were encouraging people to do, or out of compliance with just placement of the links, those sorts of things. So it was, I think it shows that, you know, as much as 300 companies is a subsection of the whole population, people are still waiting to see, and they’re kind of playing a little bit of a Russian Roulette game, I don’t know if that’s an appropriate term, but they’re there, they’re not investing ahead of time, to make sure they’re being thoughtful about this and communicating that thoughtfulness to their customers. They’re just like, well, we’re gonna, you know, roll the dice and hope we don’t get fined and get caught up in any of the enforcement rules.

Jodi Daniels  18:10  

It will be interesting to see, I don’t know if you have a plan to come back and do this in sort of the August timeframe, because there’s a lot of companies who opted not to do it by January, and instead are looking towards July, because they were looking at effective versus enforcement day and feel like, oh, I have extra time.

Mike Gustafson  18:28  

No, that is our plan is to do it in the fourth quarter, we’ll kind of wait we’ll give people all the way till the fourth quarter. And then we’ll go take a look again. And we heard that even from a lot of the customers and companies that we’re talking with is it’s a prioritization issue gets back the budget, like okay, I have these other things that are more important right now, I’m likely not going to fall under the enforcement deadlines. But the reality is, it’s going to take them longer to do it and resolve it. So, you know, my prediction is we won’t see that much progress by the end of the year, because I think people might start those projects and engagements. But they’re going to be deep, they’re going to continue to deprioritize them until they see somebody in their industry that looks like them that has a similar customer base start to incur fines or, you know, have other issues related to it. So I think we still have a long, long ways to go before the majority of companies are going to prioritize it. We have some who are so I think we have a couple of clients who are so focused on it and it’s having very positive impacts. Much like what you talked about the book, they’re taking such a customer centric view, and it’s helping them build trust with their customers. And I think that’s incredible, but that is the rare majority of at least people we’re talking to. It’s not that they don’t want to it’s they’re just not able to with the way their budgets and funding works right now. So

Justin Daniels  19:56  

Mike has a follow up question Given all of your experience ss with software development, data has been in the lifeblood of your career, as well as the companies that you’ve dealt with, given some of the findings that you were just summarizing. Do you have any thoughts around, you know, the culture? Do you think part of this is because companies understand that they collect data, but they don’t really think about or even focus on the responsibilities that are starting to go with it now, especially with these proliferation of privacy laws, but also not understanding. And we wrote about this in the book that how you treat someone’s data is by extension, essentially, how

Mike Gustafson  20:36  

you’re treating them? Yeah. Yeah, it’s I think it’s interesting. I think there’s multiple camps inside most companies, I think marketers have become more attuned to that and care a great deal about it as well as data teams. But I think the the business teams, the commercial side of the business tends to still overshadow that and there’s still I think, a lack of understanding of the the value it can have, if you focus on this or the risk you need to avoid. Amongst, I think leadership teams there, they don’t, it still hasn’t risen to one of the most important things, I think people will pay some lip service to it. But in terms of committing budgets, and training and education, which it takes a lot of, I mean, it hasn’t been made easy. The as, as you well know, the laws are complicated, and they’re hard to understand. And it’s hard to understand if it applies to your unique situation. And with so many of them, that matrix set of puzzles, it’s, it takes a lot of time and investment. And so until the budgets are there, I think it’ll be hard for people to take it seriously. Two or three person teams that have these other jobs, it’s just not enough time for them to figure it out. So I think, at least amongst professionals in the marketing space, and business intelligence teams, or data teams, technical teams, I think they’re taking it seriously, they understand the importance of it, I think they are struggling still to get the right support and budgets and time allocated to and other resources.

Jodi Daniels  22:09  

You talked before about Google Analytics, and I want to talk about Google Analytics again. But let’s say that let’s this time, go to the other side of the pond and talk about what’s happening in the EU, where several countries there don’t really like Google Analytics, either. And I was curious if you can share, what you’re seeing companies do in response to this, what I’ve been seeing is, some companies are still just using it. Because there’s not really another alternative that they like, and they want to completely moved to and having to seems kind of complicated, but genuinely curious to see the kinds of conversations and what you’re hearing from your customers and prospects.

Mike Gustafson  22:55  

Yeah, we’re seeing the same thing, we’re definitely seeing people continue to use it, because they don’t have other options that help them or, again, it depends on if you’re talking to these like to a multinational company who operates in lots of different geographies, and they are trying to have this synthesize view of all their programs across borders. Or, you know, if it’s smaller companies that only operate in, you know, just in the EU, for example, we definitely have seen people turn it off in certain countries, but not across the entire footprint, you know, of the EU, and are exploring with kind of rolling their own solutions with using parts of it and pumping the data. I mean, a big part of the issue, right is the shipping of the data back to the US. That’s kind of the fundamental problem. I mean, there’s more to it than just that, but so a lot of them are really watching what’s going on with the European Union, US data privacy framework, and trying to see, you know, how that’s shaping up. But I would say most people are like, hey, maybe we should pull back, but they’re still waiting to see, right, they’re still I think it’s the same as we see in us relative to California and and other states. It’s, it’s a risk reward, trade off, and it’s like, okay, well, I don’t know, I’m gonna lose a lot of insights that are important to driving growth on the business. And until I know that there’s real teeth behind some of these things, then I’m gonna, you know, wait a little loose. I think that’s, I would say, in general, that’s what we’re seeing what more of that than people shutting it down. There are people shutting it down, for sure, but not not a lot of them.

Jodi Daniels  24:36  

I appreciate your sharing. I think it’s very fascinating and will continue to be a very common question. I get asked almost all the time.

Mike Gustafson  24:44  

But I mean, I’m sure you deal with it, too. It’s tricky because it’s, you want people to do the right thing. That’s the whole point of a lot of these laws is to help people be thoughtful about the individuals and their rights and and You know, flip that it’s even good for you as a business to think about it that way. But it’s such a big mind shift that’s still having to occur across so many different audiences. I just think it’s gonna take a while. And I think companies are gonna have to see other companies incur more serious pain before they think it’s gonna happen to them.

Justin Daniels  25:22  

Well, Mike, in that vein, have you witnessed any of your clients get subjected to a ransomware, or a data breach where you really have that convergence of cybersecurity and privacy laws, because so many of the breach notification laws are triggered off of data that identifies someone specifically. So does do you see that? Does that change behavior? Or is it still even after that there’s still reluctance for the reasons that you discussed?

Mike Gustafson  25:48  

I think it’s a great question. Yes, we’re seeing we’ve had customers who have been subjected to both of those challenges, and were a little bit flat footed in their ability to respond. They didn’t have plans and processes in place. And I think I would say it’s 50-50. Some have like, Okay, we got to be serious about this, it’s likely to happen again, and others are like, well, it’s not gonna happen again. They happen to us once, I think we’re kind of out, which is such a weird, illogical response in my mind. You know, so I think it’s 50-50. I don’t personally I haven’t seen that change people’s disposition to privacy compliance wrote particularly relevant relative to their websites and marketing efforts. I don’t think people connect it quite the same way, even though I think they should. So I find that to be kind of fascinating, they might get more serious about security. But they’re not thinking about the, oh, I have all this data that’s putting me at risk in the first place. That makes me a target. I just don’t see because often, I think those are still separate groups, right? You still have it, that’s only kind of one part focused on security and less on the privacy and your marketing and sales teams, typically, and maybe HR focused on the privacy side. And, you know, that it’s a constant, particularly from a software development career, like, that’s always attention, those groups don’t necessarily, they become very territorial about who gets to do what or say what and control it and they’re not thinking about unified ways of how we solve this. So we’ve seen it, but I have not at least seen that really changing people’s disposition on the whole towards what data we collect in the first place.

Jodi Daniels  27:39  

People are always asking me, Where should privacy sit? And I’m curious, because you just talked about all these different groups, and how to work together and a lot don’t work together. From a privacy perspective, when that comes up, who are the prime people that are in the room in those conversations?

Mike Gustafson  28:00  

Great. That’s a great quote. I mean, there’s a difference, I think, between who is today in those conversations, and who probably should be in those conversations. I would say, a lot of times we see it just be the legal function is the only function that’s like, in there talking about it. And they are most of the time, saying, we don’t really see this as applicable to us. It’s actually pretty fascinating. That’s most of the particularly in our case with some of our customers, we’re advocating they should do certain things, or encouraging them to do certain things. They’re pushing back and being like, marketing teams will escalate it to legal and legal is like, Nope, we don’t see that as a risk or applicable to us. Don’t worry about it. Very rarely does. Is it in that conversation? Very rarely does it translate unless really push the issue to kind of long term issues of security, or where’s that data resting and the governance conversation. So I think it’s usually too small of a group representing too small of a part of the company and very infrequently accepted some of our most forward thinking customers do they have dedicated teams focused on privacy, that are embedded across all functions of the business. So our best customers, it’s amazing their commitment to it, where they have a whole team. They have points of view, and it’s not just limited to marketing. It’s limited to all data across the organization, from, you know, HR to marketing to it. And they have team members embedded with specializations. And they have legal teams focused on policies relative to the specific nature of that data. And that’s amazing. They’re amazing to work with. It’s slow some things down, but once you kind of get the process in place, it actually makes things go a lot faster down the road, is what we’re seeing and that’s exciting, but I will tell you, you know were of the 200 clients we’re working with today. Like that’s five companies. That is it is not a large majority of the companies that we’re working with

Jodi Daniels  30:09  

opportunity growth.

Mike Gustafson  30:12  

Absolutely. The worst case is it’s just the marketer, right? That’s, and they’re left to their own, and they don’t have support in the organization one way or the other to navigate or decide. And so again, it creates opportunities for organizations like both of ours to help come alongside and support them and educate them. But, yeah, I think it’s, I think it needs to be across all functions of the business think that the senior leadership teams need to think about it, again, depending on the size of the business that could manifest itself different ways. But I think every company of all sizes, has to have somebody who’s looking at it across every function of their business and understand, you know, what they’re really doing? Well, we completely agree,

Jodi Daniels  30:59  

which is why we’re here having this conversation.

Mike Gustafson  31:05  

So, like I said, I think that’s going to be one of the interesting things is how to help people change their mindset about it. And I think you know, not to, I mean, I will give a plug for the book, it’s one of the things I loved about your book was trying to help reshape people’s thinking about this and not see it as just an insurance policy type of activity, like I have to protect myself against fines, but to see it as a way to think differently about your customers and build trust with them. I think that’s such a great thought. And I think that’s probably the way we’ll I think that will make a difference for a lot of companies. But I think sadly, there’s still going to be a significant number that will only be moved by the threat, right, and the stick of enforcement.

Justin Daniels  31:51  

So when you’re hanging out with your friends on the weekend, and they ask you, How can I stop all these targeted ads? When I’m hanging out buying some Bulldog gear or something like that? What do

Mike Gustafson  32:03  

you tell them? I try not to hang out with people ask me questions about work related stuff. What about working? It’s funny, we actually was talking about this with Lauren, who leads our privacy team. And she has a really unique point of view, which is she actually loves targeted ads, because she finds when they’re done well, it’s very helpful to her finding the things that she wants. So like when when it’s done responsibly. She likes it. I mean, the short answer is if you don’t want any ads, as you’re browsing, use brave, like, that’s probably your safest bet. It will give you some of the best ways to block ads and not be targeted. So if you really hate it, that’s what I would tell people to do. Don’t give anybody any information. Only go shop in stores with cash. You know, I mean, like get your, you know, get delisted, from the phonebook. I don’t know like you can you can do I think it’s more about phonebook still.

Justin Daniels  33:06  

Not about the AI camera.

Jodi Daniels  33:08  

But in all seriousness, think about the concept of a phone bag, someone printed the name and the address and the phone number, and sends it to everyone in the town.

Mike Gustafson  33:20  

It’s wild. It’s wild. Yeah, I think one of the things I’ve always liked about our conversations, Jody is like, it’s, there’s no way I don’t think you can, it’s hard to avoid it and still get all the benefits that it offers us today. So it really is about learning how to do it responsibly and thoughtfully, and with a high level of awareness, you know, to protect what’s important to you. And that’s going to vary from person to person about how they feel about that what information they care about being exposed or not be exposed, and it’s going to depend on where you live and how you feel about your government. You know, there’s so many factors that go into it. But I think people I do think people need we work hard to get more educated about it and educate particularly when it comes to kids and, and my kids like even talking to my my mom, like she doesn’t know anything about this. And she does all kinds of things that are probably not particularly helpful for her to be doing online. So I think it’s, you know, I would tell them to it’s not so much about the ads it’s about how are you thoughtfully sharing information about yourself and, and having a point of view for that for yourself and then picking the right tools and companies to work with?

Jodi Daniels  34:35  

When you’re not building? Search Discovery? What do you like to do for fun?

Justin Daniels  34:40  

Besides not hanging out with people who are going to ask you about targeted ads?

Mike Gustafson  34:45  

I mean, probably my biggest pastime is reading. I love to read. I have four kids. So most of my non-work life is about spending time with my kids and enjoying all sorts of things. We do a lot of hiking I mean That’s that’s great about being in Atlanta you can do outdoor stuff almost all the time. Although April’s kind of bad if you have pollen allergies, but but reading, being outdoors hanging out with my kids, those are those are my big pastimes.

Jodi Daniels  35:15  

Well, Mike, thank you so much for joining. If people want to learn more and get their hands on that survey results, for example, where should they go?

Mike Gustafson  35:23  

Yep, You can find it there. There’s, it’s actually right now linked off the homepage. So you can find it or you can just go to the blog section and you’ll see it as kind of one of the most recent thought leadership pieces the team has put out.

Jodi Daniels  35:38  

Well, again, thank you so much for sharing so many valuable insights with us today. We really appreciate it.

Mike Gustafson  35:43  

Yeah, thanks for having me. It was really fun.

Outro  35:50  

Thanks for listening to the She Said Privacy/He Said Security Podcast. If you haven’t already, be sure to click Subscribe to get future episodes and check us out on LinkedIn. See you next time.

Privacy doesn’t have to be complicated.